Age | Commit message (Collapse) | Author | Files | Lines |
|
We don't need all object attributes resolved and converted for a working
schema to be functional.
|
|
during replicated object convert stage.
The problem is that we may have loops in schema graph and we can't
resolve those loops in just one pass. Ignoring some attributes
conversion will allow us to have a functional schema cache that we
can use later to resolve all attribute OIDs on another pass
|
|
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
everything is OK
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Sat Dec 18 05:53:48 CET 2010 on sn-devel-104
|
|
We need to do this as dsdb_reference_schema() function
clears "use_global_schema" ldb flag.
Basically what is going to happen is that after dsdb_reference_schema()
global_schema pointer will continue to point at old schema cache,
while "dsdb_schema" for LDB will point at the working_schema.
After replication is done, we reset "dsdb_schema" for the ldb
with an updated Schema cache, but this leaves global_schema pointer
with its old value, which is not up to date.
So we need to call dsdb_make_schema_global() again so that global_schema
points to a valid Schema cache.
|
|
working_schema is a shallow copy of current schema and thus
depends on part of it. So we want it to be around as long as
working_schema is used.
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Fri Dec 17 23:34:29 CET 2010 on sn-devel-104
|
|
while committing objects
working_schema is to be used while committing a Schema replica.
When we replicate Schema, then we most probably won't be
able to convert all replicated objects using the current
Schema cache (as we don't know anything about those new objects).
Thus, during Schema replication, we make a temporary
working_schema that contains both our current Schema +
all objects we get on the wire.
When we commit those new objects, we should use our working_schema
(by setting it to the ldb), and after all changes are commited,
we can refresh the schema cache so we have a brand new,
full-featured Schema cache
|
|
return NULL
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Dec 1 17:14:01 CET 2010 on sn-devel-104
|
|
It is heavily based on implementation in libnet_vampire_cb_apply_schema()
function, except that it actually creates a new copy of the supplied
initial_schema + resolving all incoming objects and add them to
supplied initial_schema.
We are going to need this 'working_schema' later so we are able
to fully resolve all objects we receive on wire during DRS replication.
Working schema created is to be used only as an index to search in.
It is not supposed to be set to an ldb_context as it doesn't
contain all information for classSchema and attributeSchema objects.
|
|
This allows us to use schema that is different than the one
set to 'ldb' to decode objects.
|
|
|
|
dsdb_replicated_objects_convert/
It is part of dsdb_replicated_* family of functions
|
|
dsdb_replicated_objects_commit
It is part of dsdb_replicated_* family of functions
|
|
It is used in dsdb_origin_objects_commit() func,
hence the dsdb_origin_ prefix
|
|
Those values are actually ATTID values and such, they are used
for ATTIDs for Attributes, Classes and Syntaxes.
|
|
|
|
replica
This fixes the problem when we fail to replicate with
a partner DC that has a newer Schema with attributeSchema
objects with OIDs that we don't have in our local prefixMap.
|
|
This will allow the libnet_vampire code to manually convert individual
schema objects.
Andrew Bartlett
|
|
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.
Andrew Bartlett
|
|
I changed also some "uint32_t" to "unsigned" since the LDB interface doesn't
specify the bitlength of the unsigned type.
|
|
When a object or attribute is created/updated/deleted, according
to [MS-ADTS] 3.1.1.5.1.6, it stores the uSNUrgent on @REPLCHANGED
for the partitions that it belongs.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This reverts commit 1287c1d115fb7e8f3954bc05ff65007968403a9c.
Next patch should fix the "not recognized ATTIDs" problem
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
|
|
w2k8-r2 sometimes sends empty attributes with completely bogus attrid
values in a DRS replication response. This allows us to continue with
the vampire operation despite these broken elements.
|
|
"lDAPDisplayName" generator"
This reverts commit df95d5c29292968b465bff24c3cf78800677a4d4.
abartlet pointed out in a post on the samba-technical list that this isn't
necessary at all (lDAPDisplayName normalisation algorithm). Rather it breaks
functionality of the replication.
|
|
"lDAPDisplayName" generator
Also here we've to be sure to generate the attribute correctly if it doesn't
exist yet.
|
|
This will allow us in future to do tests on the LDB values we generate
from the DRS replication.
Andrew Bartlett
|
|
dsdb_schema_pfm_contains_drsuapi_pfm()
dsdb_schema_pfm_contains_drsuapi_pfm() is part of reimplemented
prefixMap interface.
This name was choosen to clearly show, that this a week verification
in case we want to determine if remote schema is changed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
ids is retrurned via _ids, so it needs to be on the passed in mem_ctx
|
|
Added the RELAX control to dsdb_origin_objects_commit(), as it needs
to modify system objects. This patch also fixes the use of ldb
transactions in that function, and fixes a memory leak.
|
|
These additional debug messages were added to help us track down
w2k8->s4 domain join
|
|
When we replicate from a remote DC, we need to note the new uSN that
the local changes have resulted in, and modify the uSN that the notify
task uses to determine if it should send a ReplicaSync message back to
the remote DC. Otherwise we end up always triggering a ReplicaSync
every time we replicate from another DC
|
|
|
|
|
|
When a DsAddEntry is used to create a nTDSDSA object we need to also
create the SPNs for the NTDS GUID in the servers machine account.
|
|
|
|
metze
|
|
This exposes the linked_attributes to the repl_meta_data module
|
|
We should always apply a whole set of DRS changes or none of them. See
[MS-DRSR] 3.3.2
|
|
We found this as an object came across from w2k3 with zero values,
which caused a segv when we tried to decrypt the first value
|
|
This file (contining metze's decryption routines) is now also be used by
Samba3's DRSUAPI implementation
Andrew Bartlett
|
|
Until the extended DN work was compleated, there was no way to store
the additional metadata.
Andrew Bartlett
|
|
|
|
|
|
Andrew Bartlett
(This used to be commit 948ee9b7acd90b994bb9d9f7c1813a8eca430e4f)
|
|
ndr_struct_push_blob().
(This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
|
|
lib/messaging/
lib/registry/
lib/ldb-samba/
librpc/rpc/
auth/auth_winbind.c
auth/gensec/
auth/kerberos/
dsdb/repl/
dsdb/samdb/
dsdb/schema/
torture/
cluster/ctdb/
kdc/
ntvfs/ipc/
torture/rap/
ntvfs/
utils/getntacl.c
ntptr/
smb_server/
libcli/wrepl/
wrepl_server/
libcli/cldap/
libcli/dgram/
libcli/ldap/
libcli/raw/
libcli/nbt/
libnet/
winbind/
rpc_server/
metze
(This used to be commit 6223c7fddc972687eb577e04fc1c8e0604c35435)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
metze
(This used to be commit e44b6df1387096989726c0a68189fe6c4e37dfd7)
|